SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 74

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 75

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

Can detect violations of this recommendation. In particular, it looks for the size argument of malloc(), calloc(), or realloc() and flags when it does not find a sizeof operator in the argument expression. It does not flag if the return value is assigned to a char *; in this case a string is being allocated, and sizeof is unnecessary because sizeof(char) == 1.

LDRA tool suite

Include Page
LDRA_V
LDRA_V

201 S

Partially implemented.

ECLAIR
Include Page
ECLAIR_V
ECLAIR_V
funcallsCan detect violations of this recommendation. In particular, it considers when the size of a type is used by malloc(), calloc() or realloc() and flags these functions if either the size argument does not use a sizeof operator, or the size argument uses sizeof, but the type of the returned value is not a pointer to the type of the argument to sizeof. It does not flag if the returned value is assigned to a char *.PRQA QA·C
Include Page
PRQA_VPRQA_V Can detect for apparent null pointer operations.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...